aboutsummaryrefslogtreecommitdiffstats
path: root/extraconfig/post_deploy/undercloud_post.sh
blob: 8bcae1d37231d1ad235dd750b657e93d92a05933 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

@media only all and (prefers-color-scheme: dark) {
.highlight .hll { background-color: #49483e }
.highlight .c { color: #75715e } /* Comment */
.highlight .err { color: #960050; background-color: #1e0010 } /* Error */
.highlight .k { color: #66d9ef } /* Keyword */
.highlight .l { color: #ae81ff } /* Literal */
.highlight .n { color: #f8f8f2 } /* Name */
.highlight .o { color: #f92672 } /* Operator */
.highlight .p { color: #f8f8f2 } /* Punctuation */
.highlight .ch { color: #75715e } /* Comment.Hashbang */
.highlight .cm { color: #75715e } /* Comment.Multiline */
.highlight .cp { color: #75715e } /* Comment.Preproc */
.highlight .cpf { color: #75715e } /* Comment.PreprocFile */
.highlight .c1 { color: #75715e } /* Comment.Single */
.highlight .cs { color: #75715e } /* Comment.Special */
.highlight .gd { color: #f92672 } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gi { color: #a6e22e } /* Generic.Inserted */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #75715e } /* Generic.Subheading */
.highlight .kc { color: #66d9ef } /* Keyword.Constant */
.highlight .kd { color: #66d9ef } /* Keyword.Declaration */
.highlight .kn { color: #f92672 } /* Keyword.Namespace */
.highlight .kp { color: #66d9ef } /* Keyword.Pseudo */
.highlight .kr { color: #66d9ef } /* Keyword.Reserved */
.highlight .kt { color: #66d9ef } /* Keyword.Type */
.highlight .ld { color: #e6db74 } /* Literal.Date */
.highlight .m { color: #ae81ff } /* Literal.Number */
.highlight .s { color: #e6db74 } /* Literal.String */
.highlight .na { color: #a6e22e } /* Name.Attribute */
.highlight .nb { color: #f8f8f2 } /* Name.Builtin */
.highlight .nc { color: #a6e22e } /* Name.Class */
.highlight .no { color: #66d9ef } /* Name.Constant */
.highlight .nd { color: #a6e22e } /* Name.Decorator */
.highlight .ni { color: #f8f8f2 } /* Name.Entity */
.highlight .ne { color: #a6e22e } /* Name.Exception */
.highlight .nf { color: #a6e22e } /* Name.Function */
.highlight .nl { color: #f8f8f2 } /* Name.Label */
.highlight .nn { color: #f8f8f2 } /* Name.Namespace */
.highlight .nx { color: #a6e22e } /* Name.Other */
.highlight .py { color: #f8f8f2 } /* Name.Property */
.highlight .nt { color: #f92672 } /* Name.Tag */
.highlight .nv { color: #f8f8f2 } /* Name.Variable */
.highlight .ow { color: #f92672 } /* Operator.Word */
.highlight .w { color: #f8f8f2 } /* Text.Whitespace */
.highlight .mb { color: #ae81ff } /* Literal.Number.Bin */
.highlight .mf { color: #ae81ff } /* Literal.Number.Float */
.highlight .mh { color: #ae81ff } /* Literal.Number.Hex */
.highlight .mi { color: #ae81ff } /* Literal.Number.Integer */
.highlight .mo { color: #ae81ff } /* Literal.Number.Oct */
.highlight .sa { color: #e6db74 } /* Literal.String.Affix */
.highlight .sb { color: #e6db74 } /* Literal.String.Backtick */
.highlight .sc { color: #e6db74 } /* Literal.String.Char */
.highlight .dl { color: #e6db74 } /* Literal.String.Delimiter */
.highlight .sd { color: #e6db74 } /* Literal.String.Doc */
.highlight .s2 { color: #e6db74 } /* Literal.String.Double */
.highlight .se { color: #ae81ff } /* Literal.String.Escape */
.highlight .sh { color: #e6db74 } /* Literal.String.Heredoc */
.highlight .si { color: #e6db74 } /* Literal.String.Interpol */
.highlight .sx { color: #e6db74 } /* Literal.String.Other */
.highlight .sr { color: #e6db74 } /* Literal.String.Regex */
.highlight .s1 { color: #e6db74 } /* Literal.String.Single *
#!/bin/bash
set -eux

ln -sf /etc/puppet/hiera.yaml /etc/hiera.yaml


# WRITE OUT STACKRC
if [ ! -e /root/stackrc ]; then
    touch /root/stackrc
    chmod 0600 /root/stackrc

cat >> /root/stackrc <<-EOF_CAT
export OS_PASSWORD=$admin_password
export OS_AUTH_URL=$auth_url
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export COMPUTE_API_VERSION=1.1
export NOVA_VERSION=1.1
export OS_BAREMETAL_API_VERSION=1.15
export OS_NO_CACHE=True
export OS_CLOUDNAME=undercloud
EOF_CAT

    if [ -n "$ssl_certificate" ]; then
cat >> /root/stackrc <<-EOF_CAT
export PYTHONWARNINGS="ignore:Certificate has no, ignore:A true SSLContext object is not available"
EOF_CAT
    fi
fi

source /root/stackrc

if [ ! -f /root/.ssh/authorized_keys ]; then
    sudo mkdir -p /root/.ssh
    sudo chmod 7000 /root/.ssh/
    sudo touch /root/.ssh/authorized_keys
    sudo chmod 600 /root/.ssh/authorized_keys
fi

if [ ! -f /root/.ssh/id_rsa ]; then
    ssh-keygen -b 1024 -N '' -f /root/.ssh/id_rsa
fi

if ! grep "$(cat /root/.ssh/id_rsa.pub)" /root/.ssh/authorized_keys; then
    cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
fi

PHYSICAL_NETWORK=ctlplane

ctlplane_id=$(openstack network list -f csv -c ID -c Name --quote none | tail -n +2 | grep ctlplane | cut -d, -f1)
subnet_ids=$(openstack subnet list -f csv -c ID --quote none | tail -n +2)
subnet_id=

for subnet_id in $subnet_ids; do
    network_id=$(openstack subnet show -f value -c network_id $subnet_id)
    if [ "$network_id" = "$ctlplane_id" ]; then
        break
    fi
done

net_create=1
if [ -n "$subnet_id" ]; then
    cidr=$(openstack subnet show $subnet_id -f value -c cidr)
    if [ "$cidr" = "$undercloud_network_cidr" ]; then
        net_create=0
    else
        echo "New cidr $undercloud_network_cidr does not equal old cidr $cidr"
        echo "Will attempt to delete and recreate subnet $subnet_id"
    fi
fi

if [ "$net_create" -eq "1" ]; then
    # Delete the subnet and network to make sure it doesn't already exist
    if openstack subnet list | grep start; then
        openstack subnet delete $(openstack subnet list | grep start | awk '{print $4}')
    fi
    if openstack network show ctlplane; then
        openstack network delete ctlplane
    fi


    NETWORK_ID=$(openstack network create --provider-network-type=flat --provider-physical-network=ctlplane ctlplane | grep " id " | awk '{print $4}')

    NAMESERVER_ARG=""
    if [ -n "${undercloud_nameserver:-}" ]; then
        NAMESERVER_ARG="--dns-nameserver $undercloud_nameserver"
    fi

    openstack subnet create --network=$NETWORK_ID \
        --gateway=$undercloud_network_gateway \
        --subnet-range=$undercloud_network_cidr \
        --allocation-pool start=$undercloud_dhcp_start,end=$undercloud_dhcp_end \
        --host-route destination=169.254.169.254/32,gateway=$local_ip \
        $NAMESERVER_ARG ctlplane
fi

# Disable nova quotas
openstack quota set --cores -1 --instances -1 --ram -1 $(openstack project show admin | awk '$2=="id" {print $4}')

# MISTRAL WORKFLOW CONFIGURATION
if [ "$(hiera mistral_api_enabled)" = "true" ]; then
    # load workflows
    for workbook in $(openstack workbook list | grep tripleo | cut -f 2 -d ' '); do
        openstack workbook delete $workbook
    done
    for workflow in $(openstack workflow list | grep tripleo | cut -f 2 -d ' '); do
        openstack workflow delete $workflow
    done
    for workbook in $(ls /usr/share/openstack-tripleo-common/workbooks/*); do
        openstack workbook create $workbook
    done

  # Store the SNMP password in a mistral environment
  if ! openstack workflow env show tripleo.undercloud-config &>/dev/null; then
      TMP_MISTRAL_ENV=$(mktemp)
      echo "{\"name\": \"tripleo.undercloud-config\", \"variables\": {\"undercloud_ceilometer_snmpd_password\": \"$snmp_readonly_user_password\"}}" > $TMP_MISTRAL_ENV
      openstack workflow env create $TMP_MISTRAL_ENV
   fi

fi

# IP forwarding is needed to allow the overcloud nodes access to the outside
# internet in cases where they are on an isolated network.
sysctl -w net.ipv4.ip_forward=1
# Make it persistent
echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/ip-forward.conf